05-03-2012 08:34 AM - edited 03-10-2019 07:03 PM
We would like to set up a voice only SSID for Cisco 7925 wireless phones. We are running version 1.1 of ISE and 7.0.116 on older lan controllers.
Obviously we can do things to discourage other users/devices from connecting to this SSID but we would really like to restrict devices to just Cisco wireless phones. There seems to be no checks in ISE for 7925s.
Anyone have any relevant experience and/or suggestions ?
Bob
Solved! Go to Solution.
05-12-2012 08:16 PM
According to documentation, 7925G do support EAP-TLS, so you use certificates to authenticate them
Then on ISE you could use a certificate dictionary to look for the common name to start with "CP-7925" or whatever that IP Phone uses to identify itself
The following links is a great guide to use certificates with IP Phones and Cisco ACS
PLease rate if it helps.
05-12-2012 08:16 PM
According to documentation, 7925G do support EAP-TLS, so you use certificates to authenticate them
Then on ISE you could use a certificate dictionary to look for the common name to start with "CP-7925" or whatever that IP Phone uses to identify itself
The following links is a great guide to use certificates with IP Phones and Cisco ACS
PLease rate if it helps.
05-17-2012 11:05 AM
Your suggestion was a good one. It took some work to get all the pieces together but this method is secure and allows us to restrict the SSID to wireless phones.
Thanks
Bob Layh
05-17-2012 12:35 PM
I'm glad I could help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide